Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Search for:

Our CTO Interviewed on CNN: Man exposes Facebook security flaw

Posted August 19, 2013 Sarah Lieber

Marc Maiffret spoke on CNN earlier today about the Palestinian IT specialist, Khalil Shreateh, who exposed a Facebook security flaw and due to miscommunication, was not awarded a bounty for his work. A quick excerpt and a link to the interview are below.

“He found a great vulnerability in Facebook, he tried to report it responsibly in his own way, and I think it would be the right thing to support him and send a good message. So that folks like him who continue to report it to the Facebooks of the world versus selling it for a lot more money in the underground…This was a pretty big bug.” – Marc Maiffret

Additionally, if you’d like to help Khalil Shreateh and his future security research efforts, you can donate to him directly here. 100% of proceeds go to Khalil Shreateh. Let us all send a message to security researchers across the world and say that we appreciate the efforts they make for the good of everyone.

In this webinar, SANS Instructor and Founder of Voodoo Security, Dave Shackleford, will revisit several hacking and breach scenarios that involved privileged accounts, and use these as examples while discussing tools and tactics to get this problem under control once and for all.

There’s plenty of problems we don’t have great options for in InfoSec today. Malware is a pain point that keeps evolving rapidly. 0-day exploits are tough to prepare for. Privileged account management? We got this. We know the root causes, we know how it manifests, we know how to get it under control effectively, and there are great technology solutions that are enterprise-class.